package edu.rit.varapp.datalayer;

import edu.rit.varapp.db.DatabaseConnection;
import java.sql.ResultSet;
import java.sql.SQLException;

/**
 * Connect provides methods to perform various functions for logging into the application.
 */
public class Connect {

    private DatabaseConnection conn;

    public Connect() {
        this.conn = DatabaseConnection.instance();
    }

    /**
     * Log a client into the application using their email and password.
     * @param email The client's email.
     * @param password The client's hashed password.
     * @return The customer's entityId if it was a successful login, else -1.
     * @throws SQLException
     */
    public int loginClient( String email, String password ) throws SQLException {
        String sql = "SELECT EntityId FROM customers WHERE email = ? AND pswd = ?";
        ResultSet rs = conn.buildStmnt( sql, email, password ).executeQuery();
        if( rs.next() ) {
            return rs.getInt( "EntityId" );
        }
        return -1;
    }

    /**
     * Log an admin into the application using a username and password.
     * @param username The admin's username.
     * @param password The admin's hashed password.
     * @return True if the user is an admin and successfully logged in, else false.
     * @throws SQLException
     */
    public boolean loginAdmin( String username, String password ) throws SQLException {
        String sql = "SELECT isAdmin FROM administrators WHERE adminName = ? AND pswd = ?";
        ResultSet rs = conn.buildStmnt( sql, username, password ).executeQuery();
        if( rs.next() ) {
            if( rs.getBoolean( 1 ) ) {
                return true;
            }
        }
        return false;
    }

    /**
     * Registers a user with an email and password.
     * @param contactName The user's contact name
     * @param companyName The user's company name
     * @param email The user's preferred email.
     * @param password The user's preferred password, priorly hashed.
     * @return True if the user has successfully registered, false otherwise.
     * @throws SQLException
     */
    public boolean register( String contactName, String companyName, String email, String password )
            throws SQLException {
        if( isRegistered( contactName, companyName ) ) {
            return false;
        }
        String sql = "SELECT EntityId FROM customers WHERE contactName LIKE ? AND companyName LIKE ?";
        ResultSet rs = conn.buildStmnt( sql, "%" + contactName + "%", "%" + companyName + "%" ).executeQuery();
        if( rs.next() ) {
            int eid = rs.getInt( 1 );
            sql = "UPDATE customers SET email = \"" + email + "\", pswd = \"" + password + "\" WHERE EntityId = " + eid;
            int val = conn.executeUpdateQuery( sql );
            if( val > 0 ) {
                return true;
            }
        }
        return false;
    }

    /**
     * Checks if a customer has already registered their email and password in the database.
     * @param contactName The customer's contact name.
     * @param companyName The customer's company name.
     * @return True if the user has already registered an email and password, else false.
     * @throws SQLException
     */
    private boolean isRegistered( String contactName, String companyName ) throws SQLException {
        String sql = "SELECT email, pswd FROM customers WHERE contactName LIKE ? AND companyName LIKE ?";
        ResultSet rs = conn.buildStmnt( sql, "%" + contactName + "%", "%" + companyName + "%" ).executeQuery();
        if( rs.next() ) {
            String email = rs.getString( "email" );
            if( rs.wasNull() ) {
                return false;
            }
            String password = rs.getString( "pswd" );
            if( rs.wasNull() ) {
                return false;
            }
        }
        return true;
    }
}
